Jump to main content Jump to footer

Information Security


AKARION'S ISMS opens up new perspectives

trusted by leading organisations

information security highlights

Information security has never been so well thought out


In the course of a 3-tier structure of the information security module, which is oriented towards the ISO 27005 standard, all recorded information - such as risks and measures - are inherited by the respective subsequent stage in order to enable highly efficient work. The procedure is quite simple and flexibly adaptable to other standards and very efficient: Risks that affect all supporting assets of a type (e.g., fire hazard) thus only have to be collected once. During risk analysis and handling, risks are efficiently recorded and then automatically passed on to lower levels.

Identify assets, processes, categories and information assets that are particularly in need of protection thanks to the clear presentation of the protection needs inheritance in our Visual Explorer. Define and visualize dependencies between different processes, assets and their protection requirements. Automatically generate interactive threat graphs based on your input.

Access a comprehensive template catalogue when recording and documenting risks to work even faster. You can also import and maintain your own standard and control sets and map them to each other.

After you have recorded your asset structure as well as risks and measures, the virtual process map offers you visual support, especially with regard to inherited protection requirements and dependencies of (sub-)processes.

You had a security incident? Control and monitor your processes with workflow support and audit-proof time stamps to meet all relevant deadlines.

Automatically create cross-functional synergy effects with BCM and data protection by being able to use the data entered in the ISMS across all modules of the Compliance Cloud. The result: an effective management of your IT compliance.

Focus on solutions

A holistic approach to information security

To enable you to customize your processes, identify dependencies and reduce complexity, we have worked with experts to develop the most comprehensive ISMS for you.

Think holistically about information security

In your daily work as an information security officer, have you also noticed that information security management actually rarely stands alone? The basic data on information security are very similar, often even identical to those in data protection or business continuity management. Therefore, it is best to use one tool for all topics. Experience our ISMS to consolidate all relevant compliance management topics into one and utilize the advantages of digitization.

Perfectly prepared for certification

Whether ISO/IEC 27001:2013 or TISAX - you must prepare yourself and your company well for certification and the subsequent surveillance audits. The key to successful and sustainable certification is to overview all relevant control and risk catalogues and to have everything documented in the sense of PDCA. Use the ISMS Module of the Compliance Cloud and make your information security management audit-proof through continuous documentation.

Identify risks quickly and react

You already have an information security management and also a responsible officer (so-called ISO or CISO). However, your IT infrastructure and the cooperation with externals are very complex. This makes it very difficult for your company to keep track of all the dependencies between the information assets to be protected (e.g., confidential business documents) and the means used (i.e., assets such as software and hardware) and to quickly identify risks and the necessary measures. With our intelligent ISMS with built-in inheritance systematics, you build your ISM not only comprehensively, but also sustainably and effectively.

Features at a glance

Get everything you
need for your ISM

Individually configurable asset and risk management

Maintain your primary assets clearly in one place. You can see important connections, e.g. whether entries are referenced or have been recently changed, at a glance. Capture and document the assets (hardware, software, personnel, etc.) that exist in your organization using many templates. Personalize values for protection goals, risk categories and matrices, assessment periods, etc. to customize the module to your organization and ISM methodology.

Intuitive risk handling and visual requirement assessment

Record and document existing risks (e.g., fire) and address them with appropriate measures (e.g., fire extinguishers). You can also define and visualize the protection requirements of your information assets based on the requirements for confidentiality, integrity, availability or other protection goals such as authenticity.

Use standard catalogues efficiently

Use the risk, hazard and control catalogues freely selectable in the ISMS (e.g., ISO 27001, BSI-GS, VDA ISA (TISAX). PCI-DSS, B3S). You can also import and maintain other common standards and control sets yourself and map them among each other. For example, the ISMS can support you in the creation of regulatory documents (e.g., the statement of applicability).

Holistic risk assessment and treatment

Identify critical vulnerabilities and risks in your company and document the counter measures and the impact they have on risks. During risk analysis and treatment, you can efficiently record risks, which are then automatically passed on to lower levels.

Visualize protection requirements in multi-level business processes

Document all stages of your business processes at a glance, thereby defining associated sub-processes and easily visualize inherited protection requirements.

Concise incident management

Always keep track of any security incidents. You can assign tasks to incidents via an efficient workflow management. You can keep track of open tasks, but also of changes to the incident and thus to the current vulnerability situation in your company.

Monitoring of measures

You can regularly check existing measures for their effectiveness or track the introduction and improvement of measures. Open points can also be coordinated via the internal task management. In doing so you can always keep an eye on the current status of implementation.

Risk reports at the touch of a button

Generate your own comprehensive reports, such as a holistic overall risk report, from your real-time data records with just one click. It is also easy to merge several reports or create free-text reports.

Trust Layer

Document your ISMS in an audit-proof manner and prove the integrity of your data. If required, you can use our solution to prove at any time that the data entered in the Information Security Module has not been manipulated by anyone (Trust by Design).

Compliance Cloud Features

All our Compliance Cloud modules have this in common

Our value proposition for you is user-friendly solutions. We make holistic compliance management possible for you: convenient, resource-saving and with the highest standards of data integrity.


All modules are characterised by very intuitive user guidance and you will quickly find your way around the Compliance Cloud after the initial training. In addition, we offer a comprehensive Help Centre where you can find additional information through videos and descriptions. Our focus is always on ensuring that you get the most out of the Compliance Cloud thanks to the high level of consistency of all modules and the very intuitive user interface.

Manage different compliance aspects with just one solution thanks to the simple modular structure of the Compliance Cloud. Thanks to this holistic approach, you avoid redundancies and contradictions, cleverly exploit synergy effects and save time, costs and nerves.

No matter whether you work in a corporation or want to manage many clients as a consultant: In each module you can manage subsidiaries and branches separately. You can logically separate all companies from each other and, if required, always keep an eye on clients and companies via a central dashboard.

Save time thanks to the comprehensive cross-module and cross-client template system in all modules. Especially in complex company and group structures, this feature of the Compliance Cloud enables you to work more efficiently.

Keep track of the most important data on all compliance topics of your company or group with the help of customisable dashboards. At the same time, you have an overview of particularly time-critical processes, the most relevant key figures, security incidents and your open tasks.

You can create individual reports in each module and across the compliance modules on all the topics you process in the Compliance Cloud. Create reports and documentation with just a few clicks, such as a complete overview of your business processes or processing activities. Be prepared for controls by authorities, clients, etc. at any time through the output of comprehensive reports and get an overview quickly and easily.

Collaborate with internal colleagues and external experts in the system thanks to an event-based task management. Assign tasks, define deadlines and responsibilities and set notifications based on individually defined parameters. With the Compliance Cloud, compliance management becomes teamwork.

No matter where you work from or which languages are spoken in your organization: the modules are designed for multilingualism and have automated translation into over 23 languages (including DE, EN, FR, IT). This means that every user in the system can work automatically in the preferred language with just one click. Additionally,, a wide variety of national and international standards can be mapped in the system (e.g., data protection law).

We want to prove to you that you can rely on us when it comes to security. That's why we have been certified according to ISO/IEC 27001:2013 and our systems have undergone a penetration test by independent experts. In addition, we host our purely web-based application exclusively in Germany. An installation on your premises is not necessary.

What our customers say

Latest news

Related Topics